<?php


namespace app\controller\app;


use app\common\Sign;
use app\common\Util;
use app\service\Route;
use Doctrine\Common\Annotations\AnnotationReader;
use ReflectionMethod;
use support\Request;
use think\facade\Cache;

/**
 * 该类是内存永驻的
 */
class AppBase
{
    protected $user_id = 0;
    protected $access_token = '';
    protected $app_id = 0;
    protected $authority=[];
    protected $client_ip='';

    public function beforeAction(){

        $request = request();

        $this->user_id = 0;
        $this->access_token = '';
        $this->app_id = 0;
        $this->authority=[];

        $this->client_ip = $request->getRealIp($safe_mode=true);


        $_access_token = $request->header('authorization');
        $_app_id = $request->header('appid');
        $_sign = $request->header('sign');

        if (!isset($_app_id)) {
            return error(2, 'app_id is null');
        }



        $this->app_id = $_app_id;
        $this->access_token = $_access_token;

        $method = new ReflectionMethod($request->controller,$request->action);
        $reader = new AnnotationReader();
        $methodRoute = $reader->getMethodAnnotation($method,Route::class);

        if($methodRoute && $methodRoute->authCheck){
            /*--------------------------------------------------------------------*/
            if (!isset($_access_token)) {
                return error(402, 'access_token is null');
            }

            if(isset($_sign)) {
                $decrypted='';
                $deRes = openssl_private_decrypt(base64_decode($_sign),$decrypted,openssl_get_privatekey(config('rsa.private_key')));
                if($deRes){
                    if(Cache::store('redis2')->get('sign_'.$_sign)){
                        Util::send_error_msg("IP:".$this->client_ip.",APPID:".$this->app_id.",hacking",'#FE4A26');
                        //return error(5, 'Stop hacking.');
                    }
                    else{
                        Cache::store('redis2')->set('sign_'.$_sign,Util::msectime(),60*10);
                    }
                }
                else{
                    Util::send_error_msg("IP:".$this->client_ip.",APPID:".$this->app_id.",sign error",'#FE4A26');
                    //return error(4, 'sign error');
                }
            }
            else{
                Util::send_error_msg("IP:".$this->client_ip.",APPID:".$this->app_id.",sign is null",'#FE4A26');
                //return error(3, 'sign is null');
            }

            $payload = Sign::decode($_access_token,config('app.jwt_sign'));
            if($payload){
                if(isset($payload['uid'])){
                    $this->user_id = $payload['uid'];
                }
                $this->authority = Cache::get('auth_'.$this->user_id);
                if(!$this->authority){
                    return error(401, 'access_token is invalid');
                }
            }
            else{
                return error(401, 'access_token is invalid');
            }
            /*--------------------------------------------------------------------*/
        }
        else{
            if (isset($_access_token)) {
                $payload = Sign::decode($_access_token,config('app.jwt_sign'));
                if($payload){
                    if(isset($payload['uid'])){
                        $this->user_id = $payload['uid'];
                    }
                    $this->authority = Cache::get('auth_'.$this->user_id);
                }
            }
        }
    }

}